<?php 
$v_filter = "";
if(isset($_REQUEST['hdn_filter'])){
	$v_filter = _replace_bad_char(trim($_REQUEST['hdn_filter']));
}	
$v_list_id = intval($_REQUEST['hdn_list_id']);
$v_listtype_id = intval($_REQUEST['hdn_listtype_id']);
$v_code = _replace_bad_char($_REQUEST['txt_code']);

$v_name = _replace_bad_char($_REQUEST['txt_name']);
$v_order = intval($_REQUEST['txt_order']);
if ($v_order==""){
	$v_order = "NULL";
}
$v_file_type="";
$v_file_content_id=0;
$v_status = $_REQUEST['hdn_list_status'];
$v_save_and_add_new =0;
$v_url = "/list/list/index.php?modal_dialog_mode=1" . "&hdn_list_id=" . $v_list_id . "&fuseaction=DISPLAY_SINGLE_LIST" ;
// Kiem tra xem nguoi dang nhap hien thoi co quyen cap nhat hay khong?
if(!_check_permission_on_function($_SESSION['staff_id'], $_ISA_APP_CODE, _CONST_ONEGATE_LIST_UPDATE)){?>
	<script>
		alert("<? echo _CONST_FUNCTION_PERMISSION_ERROR; ?>");
		if (_MODAL_DIALOG_MODE==1){
			window.location = "<? echo $v_url; ?>";
		}else{
			window.history.back();
		}	
	</script><?
}
//CSDL SQL
if(_is_sqlserver()){
	$v_form_field = 'file_attach';
	if (isset($_FILES[$v_form_field]['tmp_name'])){
		$v_filename = _replace_bad_char(trim($_FILES[$v_form_field]['name']));
		$v_tmp_filename    = $_FILES[$v_form_field]['tmp_name'];
		$v_file_id = 0;
		if ($v_tmp_filename!="" and !is_null($v_tmp_filename)){
			_copy_file($v_tmp_filename, _CONST_LEVEL2_ATTACH_FILE_PATH_FROM_CURRENT.$v_filename);
			if ($v_new_file_id_list ==""){
				$v_new_file_id_list = _save_file_to_database('T_TEMP_FILE', 'C_FILE_NAME', 'C_FILE_CONTENT', _CONST_LEVEL2_ATTACH_FILE_PATH_FROM_CURRENT.$v_filename);
			}else{			
				$v_new_file_id_list = $v_new_file_id_list . ",". _save_file_to_database('T_TEMP_FILE', 'C_FILE_NAME', 'C_FILE_CONTENT', _CONST_LEVEL2_ATTACH_FILE_PATH_FROM_CURRENT.$v_filename);
			}	
		}	
	}

	$sql = "Exec ONEGATE_ListUpdate " ;
	$sql = $sql . $v_list_id;
	$sql = $sql . "," . $v_listtype_id ;
	$sql = $sql . ",'" . $v_code."'";
	$sql = $sql . ",'" . $v_name . "'";
	$sql = $sql . "," . $v_order;
	$sql = $sql . ",'" . $v_filename."'";
	$sql = $sql . "," . $v_status.",";
	$sql = $sql . "'" . $v_new_file_id_list . "'";	
	//echo $sql ; exit;
	$ado_conn->SetFetchMode(ADODB_FETCH_ASSOC);
	$rs = $ado_conn->GetRow($sql); 
	$v_error = _replace_bad_char(trim($rs['RET_ERROR']));
}

if (!is_null($v_error) and $v_error<>""){?>
	<script>
		alert("<?php echo $v_error; ?>");
		if (_MODAL_DIALOG_MODE==1){
			window.location = "<?php echo $v_url; ?>";
		}else{
			window.history.back();
		}	
	</script><?php
	exit;
}
sleep(0);
?>
<form action="index.php" method="post" name="f_back">
	<input type="hidden" name="fuseaction" value="DISPLAY_ALL_LIST">
	<input name="hdn_filter" type="hidden" value="<?php echo $v_filter; ?>">
	<input type="hidden" name="hdn_item_id" value="<?php echo $v_list_id;?>">
	<input type="hidden" name="hdn_listtype_id" value="<?php echo $v_listtype_id;?>">
</form>
<Script language="javascript">
	document.forms(0).submit();
</Script>
